Not Addressing Some Of The Most Common Potential Security Issues

Although it is well-known that you need to have unique passwords for each website or application, these passwords also need to be complex and should be stored in a secure location that no one else has access to.

Also knowing if your anti-virus and firewall software is functioning correctly, as many companies install this software but then have no way at all to make sure they are turned on let alone operating correctly.

Much of the above, although well-known for a number of years is still not being addressed correctly.

 

Not Knowing What You Don’t Know

The issues with trying to protect and secure your information is that you need to have an in-depth understanding of exactly what the threats are, where they are coming from and the latest best practices to secure your information. Without knowing this information, you may think your level of protection is more than adequate and you have everything covered but in many cases a specialist may be required to address potential issues of which you aren’t aware.

 

Thinking Once You Have Some Of The Basics Covered That You No Longer Need To Worry About Security

In the world of ever-evolving threats information security isn't something you simply address once and then can forget about it. As the number of threats is continuing to increase you need to implement a process that allows for your security to be addressed regularly. Depending on a number of factors this could be ever 6 to 12 months.

 

Just Looking At The Technology Solution

Is common that everyone addresses the various issues from a technology point of view, but they ignore the human factor. Often this is one of the most important areas to address as your information security is only as good as your weakest link. If adequate training hasn't been provided to members of your team and clear policies and procedures around how to handle information security, you're leaving yourself exposed.

 

Third-Party Exposure

Outsourcing to a third party that is a specialist in their field is great, but you need to make sure that they are the right person or company for the task. Also, it is important to be informed as even though the outsourced third party might be handling the day- to-day running of your IT security, you need to be involved in the process.

This also applies to inhouse IT as you may find they are ill-equipped to handle your information security requirements.